Etherparty announced Sunday that its ICO (Initial Coin Offering) website selling tokens for a blockchain-based smart contract tool was hacked and the address for sending funds to buy tokens was replaced by a fraudulent address controlled by the hackers.
Vancouver-based Etherparty is a smart contract creation tool that allows its users to create smart contracts on the blockchain. Companies like this launch ICO to let them raise funding from multiple sources.
Etherparty said the company launched its Fuel token sale on Sunday, October 1 at 9 A.M. PDT, but just 45 minutes, some unknown attackers hacked into its ICO website and replaced the legitimate address by their own, redirecting cryptocurrencies sent by investors into their digital wallet.
According to the details released by the Etherparty team, the company detected the hack after just 15 minutes and immediately took its website down for nearly one and half hour to fix the issue, preventing more people from sending funds to the hacker's address.
By 11:35 A.M. PDT, the website was rebuilt and switched to a new web server
, which also includes a pro tip on the top of it that reads: "Always check the URL and verify the contract address before sending ETH to any ICO
Although Etherparty did not reveal details on how many funds were stolen, the company was really quick in figuring out the whole incident, taking appropriate steps, and alerting people of the hacking incident by distributing a press release
The blockchain company has also "promised to compensate any affected contributors, with its proprietary FUEL token, prior to the temporary website shutdown at 10 A.M. PDT
." The Etherparty's ICO is still ongoing and open until October 29, 2017.
"Our team has been consistently and successfully thwarting potential security issues to avoid further escalation," Etherparty Founder Lisa Cheng said.
"However, we do acknowledge and apologise for the temporary disruption to our otherwise successful launch day. Etherparty is eager and committed to compensating all affected contributors for the inconvenience."
Etherparty also said despite the hacking incident, its ICO got off to a positive start, "selling over 10,000,000 FUEL tokens in the first hour," and sold more than 400,000,000 FUEL tokens before the official launch in the pre-sale.
This incident marks the latest cyber attack on an ICO, following a theft of nearly $471,000 worth of Ethereum
in cyber attack that hit Enigma Project in August, around $8.4 Million worth of Ethereum
in hack that hit Veritaseum's ICO in July, and $7 Million worth of Ether
tokens during the hack of Israeli startup CoinDash's ICO a week prior to Veritaseum's ICO hack.
Due to rising concerns surrounding ICOs over such hacks and scams, regulators globally are taking action against ICO fundraising. China has already announced an immediate ban on all ICO
across the country.
In the United States, the Securities and Exchange Commission (SEC) has also issued
an official warning about the risks of ICOs but has not made a firm move yet.